An anonymous hotmailer turned to Crikey when he wanted to leak details
of a raid on EDS staff working at a Commonwealth Bank data centre in
Sydney on Monday. See how the story unfolded fist in Crikey’s
subscriber only emails here:

IT geeks caught for software piracy at CBA

Subscriber email, morning edition – 14 July

An anonymous hotmailer writes:

There was chaos at CBA in Sydney on Monday when it was
raided for software piracy – apparently the Electronic Data Systems
(EDS) IT staff were downloading movies including porn, software, games
and the like through CBA’s massive internet pipe. They then stored it
on CBA servers then burned it to CD – but here’s the kicker – then they
were selling it! All on CBA’s time and dime!

I’m not exactly sure who they were raided by, but it wasn’t state or
fed police and they were accompanied by sheriffs – staff were told to,
“stand up and step back” from their desks and whole servers were taken
away for analysis.

Staff in the first building hit were feverishly calling colleagues in a
nearby building to pull hard drives from other servers before the
raiders arrived. I’d love to have been a fly on the wall at the meeting
between EDS account managers and CBA yesterday…

As we don’t have any trained flies here at Crikey we thought we would
just email the Commonwealth Bank and ask them what was going on. This
is the letter we received back:

Thanks Crikey,

This is an EDS investigation into misconduct by EDSA staff. The matter
does not involve access to non EDS information or records. Sally Durant
from EDS will be contacting you regarding this matter.

Bryan Fitzgerald
General Manager
Media and Community
Commonwealth Bank


CRIKEY:
We’re still waiting for Sally’s call but clearly there is some truth to the claims.

IT geeks’ money shot pinched by EDS raid

Subscriber email, afternoon edition – 14 July

It was always going to be hard to keep a lid on EDS’s porn pirating IT
geeks, with their underhand antics forming what is possibly the largest
known organised workplace porn scandal to hit Australia.

This morning’s story in Crikey has generated much interest among
subscribers and further afield, with The Australian picking up the
story in their online edition here: EDS raids bank data centre

The Commonwealth Bank is clearly keen to distance itself from the
scandal and as CBA spinner Bryan Fitzgerald promised, a spokesperson
from EDS has written to us as follows:

Hi Crikey,

In response to you article ‘IT geeks caught for software piracy at CBA’ on Crikey.com:

Yes, EDS is currently investigating alleged misconduct by EDS staff on
Commonwealth Bank premises. This is an internal investigation and the
incident involved the use of decommissioned EDS equipment. No
Commonwealth Bank equipment or employees were involved.

Sally Durrant
Corporate Communications Manager
EDS, Asia Pacific

However, an ex-CBA employee has written into Crikey to say that it’s no
surprise that no Commonwealth Bank equipment was involved. He said:

There is not a single piece of ‘CBA equipment’ at the CBA.
Everything electronic is owned by either EDS or TCNZA. You just have to
go to an off-site stand alone ATM (like at a petrol station). There
should be an EDS barcode on it somewhere (the in-branch ones are the
same, but are generally on the hidden side of the machine).

Meanwhile, another subscriber writes:

I’m not surprised that this has occurred with a
de-moralised company like EDS. The thinking of the young turks, and
they will be young IT guys, will be something along the lines of: ‘We
get shit pay, nobody noticed when we first did it, so it’s all right’.

And there is also a resistance to take action on this sort of activity
as senior IT management tend to be afraid of turning over rocks, as you
never know what might else be found. CBA no doubt noticed a huge
increase in network traffic, and asked the obvious ‘Why’?

I’ve tried on a number of occasions to report blatant misuse to my
management, and they’ve done zip. The sorts of things I’m talking about
are “0” day movies and software, huge (4GB+) song collection, and
“surfing” of gross pornography sites.

One day my employer will be raided, and that won’t be a bad thing.

And an inconvenienced CBA customer says:

CBA’s internet banking site was partially down on Mon, with
only the most basic functions available. The other functions were
returning the “this *** is temporarily unavailable” routine. The
telephone banking system was having the same issues and a call to their
“helpline” only elicited the “yep we have a couple of problems we are
fixing try again later”.

CRIKEY: Clearly the misuse of workplace computers is an issue
facing many companies and if the EDS scandal is anything to go by, the
bigger the company is, the bigger the problem could be. And as our
subscriber points out, many companies may be loath to put their own
employees under the microscope for fear of what they will find and the
negative connotation it may have for their image or brand.

But while EDS may be upset about what has happened, they shouldn’t
necessarily be surprised. As their website says, “EDS people are
dedicated to ensuring every client is well served. Our highly skilled
IT professionals are recognised the world over for their innovation,
responsiveness and flexibility”.

Check out the company profile on the EDS website.

Reader Feedback:
——————————————-

You may recall that EDS also runs the IT resources for the Department of
Customs.

A major issue is still unresolved in theft of Customs Servers earlier
this year which caused such a flap at the time: How did the thieves get
past security. Insiders in Customs believe that the theft was an inside
job organised by disgruntled EDS employees. How else did they get their
hands on EDS Security passes!

Martin